CN103716167B

CN103716167B - Method and device for safely collecting and distributing transmission keys

Info

Publication number: CN103716167B
Application number: CN201310742661.7A
Authority: CN
Inventors: 林建群; 陈瑞兵; 束方林
Original assignee: Fujian Landi Commercial Equipment Co Ltd
Current assignee: Fujian Landi Commercial Equipment Co Ltd
Priority date: 2013-03-15
Filing date: 2013-12-27
Publication date: 2017-01-11
Anticipated expiration: 2033-12-27
Also published as: CN103714636A; CN103731260B; CN103716320B; CN103714639A; CN103716153A; CN103729940B; CN103701610A; CN103714637B; CN103746800B; WO2014139408A1; CN103729945B; CN103716154B; CN103714640B; WO2014139411A1; CN103714637A; CN103716154A; CN103714638B; CN103701812B; CN103729943A; CN103746800A

Abstract

The invention relates to the field of electronic payment terminals and discloses a method and device for safely collecting and distributing transmission keys. The method includes the generation step and the distribution step. The generation step mainly includes the sub-steps that an operator card is authenticated, a complete machine serial number and a working certificate are loaded, and activation operation is performed on a POS terminal. The distribution step mainly includes the subs-steps that encryption equipment performs encryption and signature on SN-TK data packets in an MTMS system again, and then the SN-TK data packets are distributed to a KMS system. The method and device have the advantages that when each POS terminal is produced, a transmission key (TK) is generated at random, and it is guaranteed that TK data collected by each POS terminal have uniqueness; in the process of TK collection, strict permission verification is performed on an operator, so that safety is guaranteed; in the process of distribution, strict valid verification, and secondary switching encryption and signature are performed, so that accuracy of the collected TK data is guaranteed in the production process.

Description

A kind of safety gathers and the method and device of distribution transmission key

Technical field

The present invention relates to E-Payment field, particularly relate to a kind of safety and gather and the method for distribution transmission key And device.

Background technology

Bank card (BANK Card) is more and more universal as the means of payment, common bank card paying system Single system (POSP), code keypad is received including point of sales terminal (Point Of Sale, POS), POS And hardware encryption equipment (Hardware and Security Module, HSM) (PINPAD).Wherein POS Terminal can accept bank card information, has communication function, and the instruction accepting teller completes financial transaction letter Breath and the equipment exchanged for information about；POS receives single system and manages POS terminal concentratedly, including parameter Downloading, key is downloaded, and accepts, processes or forward the transaction request of POS terminal, and to POS terminal loopback Transaction results information, is the system of centralized management and trading processing；Code keypad (PINPAD) is to various The key that financial transaction is relevant carries out safe storage protection, and PIN is encrypted the safety equipment of protection； Hardware encryption equipment (HSM) is to the transmission peripheral hardware devices that is encrypted of data, for PIN deciphering, Verify message and the correctness of document source and storage key.Personal identification code (Personal Identification Number, PIN), i.e. personal identification number, is the data letter identifying holder's identity legitimacy in on-line transaction Breath, in cyber-net system, any link does not the most allow to occur in clear text manner；Terminal master key (Terminal MasterKey, TMK), during POS terminal work, the master being encrypted working key is close Key, encrypting storing is in system database；POS terminal is widely used in bank card and pays occasion, such as factory It is purchased thing, hotel accommodations etc., is a kind of indispensable modernization means of payment, incorporate people's life Various occasions.Bank card, particularly debit card, be the most all provided with PIN by holder, is paying During, POS terminal, in addition to above sending the data such as the magnetic track information of bank card, also wants holder to input PIN Identity legitimacy for issuing bank checking holder, it is ensured that bank card safety of payment, the wealth of protection holder Produce safety.In order to prevent PIN from revealing or being cracked, it is desirable to the mutual mistake of whole information from terminal to issuing bank Cheng Zhong, whole process carries out safe encipherment protection to PIN, not in any link of computer network system, PIN occurs in clear text manner, and the POS terminal therefore accepting input PIN at present is desirable that outfit key pipe Reason system.

The key code system of POS terminal is divided into two grades: terminal master key (TMK) and working key (WK). Wherein TMK is for being encrypted protection to WK.Every POS terminal has unique TMK, it is necessary to have Safeguard protection, it is ensured that can only write device and participate in calculate, it is impossible to read；TMK is a root the most crucial Key, if TMK is intercepted, working key is just easier to be cracked, and is paid by serious threat bank card Safety.So TMK can download safely to POS terminal, become the key of whole POS terminal safety. Existing TMK download scenarios is as follows:

1, key mother POS scheme: user receives single system hardware encryption equipment and key mother POS input at POS The same transmission encryption key.It is close that POS terminal receives single system initiating terminal master by key mother POS to POS Request downloaded by key, and POS receives single system and drives hardware encryption equipment stochastic generation terminal master key, and adds with transmission Decryption key encrypted transmission is transmitted further to after key mother POS, key mother POS transmission encryption key decryption POS terminal, POS terminal obtains terminal master key in plain text, is saved in POS terminal code keypad, thus real Existing POS terminal and POS receive the synchronization of terminal master key between single system.

2, IC-card deciphering scheme: it is the same with injection in IC-card that user receives single system hardware encryption equipment at POS Transmission encryption key.IC-card is inserted POS terminal by user, and POS terminal is received single system to POS and initiated eventually End master key downloads request, and POS receives single system and drives hardware encryption equipment stochastic generation terminal master key, and uses Transmission encryption keys is transferred to POS terminal, the transmission encryption key decryption in POS terminal IC-card Terminal master key ciphertext, it is thus achieved that terminal master key in plain text, is saved in POS terminal code keypad, thus realizes POS terminal and POS receive the synchronization of terminal master key between single system.

Above two scheme all has the disadvantage that: terminal master key occurs in outside safety equipment in plain text, is anti- Model Key Exposure risk, the download of terminal master key must control to carry out at the safe machine room of administrative center, logical Cross artificial concentration download terminal master key.This just brings after maintenance centre's machine room workload is big, equipment dispatches from the factory Needing transport just can be deployed to trade company to administrative center's safe machine room download key causes cost of transportation to rise, be Lower dress key is concentrated to need a large amount of staff cause into the problems such as this big, maintenance period length of maintenance with the working time.

Summary of the invention

For solving above-mentioned technical problem, the technical scheme that the present invention uses is to provide a kind of safety and gathers The method of transmission key, including step:

After S101, operation terminal receive input operator's password prompt that MTMS system sends, read and insert The operator's card entered and the Actor password of input, and operator's card information is sent to MTMS system to test The legitimacy of card operator's card；

S102, MTMS system judges that the operator's card information received is the most legal, if so, performs step S103, if it is not, return step S101；

S103, MTMS system sends complete machine serial number SN download instruction to POS terminal, and judge sequence Whether number SN downloads successfully, if so, enters step S104, if it is not, return step S101；

S104, MTMS system judges whether operator's card is extracted, and if so, returns step S101, if it is not, Control MTMS system to POS terminal download work certificate；

The work certificate that the checking of S105, POS terminal is downloaded is the most legal, the most then carry from work certificate Take PKI；

S106, POS terminal stochastic generation transmission cipher key T K；

S107, POS terminal use PKI that transmission cipher key T K encryption is generated TK ciphertext, by TK ciphertext and Serial number SN transmits to MTMS system；

TK ciphertext and serial number SN are carried out packing and generate SN-TK packet by S108, MTMS system, And use operator to block SN-TK packet signature；

The SN-TK of corresponding described SN-TK packet is generated success status information by S109, MTMS system Send to POS terminal；

S110, POS terminal judge whether that receiving SN-TK generates success status information, the most then perform Step S111, if it is not, then return step S109；

S111, POS terminal are converted to use state to complete to activate from producing state, and generate eventually inspection Success Flag Send to MTMS system；

S112, MTMS system receives after examining Success Flag eventually, preserves the SN-TK data of this POS terminal Bag.

Another technical solution used in the present invention is to provide the method for a kind of secure distribution transmission key, bag Include step:

The serial number SN that S201, MTMS system obtains the POS terminal that need to carry out remote cipher key download is corresponding SN-TK packet；

S202, MTMS system verifies the legitimacy of SN-TK packet one by one；

S203, MTMS system, according to the customer information corresponding to SN-TK packet, obtains client KMS Cipher key index number corresponding in system configuration table, and send to encryption equipment, obtain required key information, required Key includes the private key Pr for being decrypted SN-TK packet, for entering the TK obtained after deciphering The protection key PK of row symmetric cryptography, for transmission cipher key T K after PK encrypts is calculated The key MAK of MAC value；

It is close that S204, MTMS system obtains corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment Key information, is decrypted acquisition TK by Pr to SN-TK packet；

S205, MTMS system obtains corresponding client's PK call number according to customer information corresponding for SN-TK, Obtain corresponding PK key information according to PK call number from encryption equipment, by PK to TK, SN and After other data in SN-TK packet are packed, encryption generates new SN-TK packet；

S206, MTMS system obtains corresponding client MAK index according to customer information corresponding for SN-TK Number, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK to newly SN-TK packet is signed；

New SN-TK packet after signature is saved in server by S207, MTMS system；

S208, when being transmitted the distribution of cipher key T K, MTMS system will signature after new SN-TK number Send to KMS system according to bag；

New SN-TK after the signature that S209, KMS system docking receives carries out MAK checking and leads in checking Later in KMS system, set up the mapping table of new SN-TK.

Another technical solution used in the present invention is to provide a kind of safety and gathers the device of transmission key, bag Include operation terminal, MTMS system and POS terminal, described MTMS system include the first judge module, SN downloads control module, the second judge module, packetization module, the first sending module and SN-TK packet Preserve module, described POS terminal include the first authentication module, TK generation module, the first encrypting module, the Three judge modules and active module；

Described operation terminal, for after receiving input operator's password prompt that MTMS system sends, is read Take operator's card and the Actor password of input of insertion, and operator's card information is sent to MTMS system Legitimacy with verification operation person's card；

Described first judge module is used for judging that operator's card information that MTMS system receives is the most legal, If so, notice SN downloads control module and performs operation, if it is not, notice operation terminal performs operation；

Described SN downloads control module and is used for sending complete machine serial number SN download instruction to POS terminal, and sentences Whether disconnected serial number SN downloads successfully, if so, notifies that the second judge module performs judgement, if it is not, notice behaviour Make terminal and perform operation；

Whether described second judge module is used for judging that operator blocks and extracts, and if so, notice operation terminal performs Operation, if it is not, control MTMS system to POS terminal download work certificate；

Described first authentication module is for verifying that the work certificate of download is the most legal, the most then from employee's card Book extracts PKI；

Described TK generation module transmits cipher key T K for stochastic generation；

Described first encrypting module is used for using PKI that transmission cipher key T K encryption is generated TK ciphertext, by TK Ciphertext and serial number SN transmit to MTMS system；

Described packetization module generates SN-TK for the TK ciphertext received and serial number SN carry out packing Packet, and use operator to block SN-TK packet signature；

Described first sending module for generating success status letter by the SN-TK of corresponding described SN-TK packet Breath sends to POS terminal；

Described 3rd judge module is used for judging whether POS terminal receives SN-TK and generate success status letter Breath, the most then notice active module performs operation, if it is not, notify that the first sending module performs operation；

Described active module is used for making POS terminal be converted to use state to swash to complete POS terminal from producing state Live, and generate inspection Success Flag transmission eventually to MTMS system；

Described SN-TK packet preserves module for, after receiving whole inspection Success Flag, preserving this POS terminal SN-TK packet.

Another technical solution used in the present invention is to provide the device of a kind of secure distribution transmission key, bag Including MTMS system, encryption equipment and KMS system, described MTMS system includes receiver module, second tests Card module, the 3rd sending module, deciphering module, the second encrypting module, signature blocks, the 4th sending module With TK distribution module；

Described receiver module is corresponding for the serial number SN obtaining the POS terminal that need to carry out remote cipher key download SN-TK packet；

Described second authentication module is for verifying the legitimacy of SN-TK packet one by one；

Described 3rd sending module, for according to the customer information corresponding to SN-TK packet, obtains client Cipher key index number corresponding in KMS system configuration table, and send to encryption equipment, obtain required key information, Required key includes the private key Pr for being decrypted SN-TK packet, for acquisition after deciphering TK carries out the protection key PK of symmetric cryptography, based on carrying out transmission cipher key T K after PK encrypts Calculate the key MAK of MAC value；

Described deciphering module is close for obtaining corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment Key information, is decrypted acquisition TK by Pr to SN-TK packet；

Described second encrypting module is for obtaining corresponding client's PK rope according to customer information corresponding for SN-TK Quotation marks, obtain corresponding PK key information according to PK call number from encryption equipment, by PK to TK, SN And other data in SN-TK packet pack after encryption generate new SN-TK packet；

Described signature blocks is for obtaining corresponding client MAK index according to customer information corresponding for SN-TK Number, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK to newly SN-TK packet is signed；

Described 4th sending module is for being saved in server by the new SN-TK packet after signature；

Described TK distribution module is for when being transmitted the distribution of cipher key T K, by the new SN-TK after signature Packet sends to KMS system；

Described KMS system is for carrying out MAK checking to the new SN-TK after the signature received and testing Demonstrate,prove the mapping table by the new SN-TK of rear foundation.

The invention has the beneficial effects as follows: every POS terminal is when producing, and transmission cipher key T K is all random producing Raw, it is ensured that the TK data that every POS terminal is collected possess uniqueness；In TK gatherer process Operator are carried out strict Authority Verification, the most as much as possible prevents other people from carrying out non-to POS terminal Method operates, it is ensured that its safety；It addition, to the TK data produced before the KMS system being distributed to client All carry out legitimate verification, carry out secondary simultaneously and turn encryption and signature, it is ensured that produce the standard of gathered TK data Really property.

Accompanying drawing explanation

Fig. 1 is the structured flowchart that a kind of safety in an embodiment of the present invention gathers the device of transmission key；

Fig. 2 is the execution flow chart that a kind of safety in an embodiment of the present invention gathers the method for transmission key；

Fig. 3 is the structured flowchart of the device of a kind of secure distribution transmission key in an embodiment of the present invention；

Fig. 4 is the execution flow chart of the method for a kind of secure distribution transmission key in an embodiment of the present invention.

Main element symbol description:

100, operation terminal；

200, MTMS system；210, the first judge module；220, SN downloads control module；230, Two judge modules；240, packetization module；250, the first sending module；260, SN-TK packet preserves mould Block；270, receiver module；280, the second authentication module；290, the 3rd sending module；2100, deciphering mould Block；2110th, two encrypting modules；2120, signature blocks；2130, the 4th sending module；2140、TK Distribution module；

300, POS terminal；310, the first authentication module；320, TK generation module；330, the first encryption Module；340, the 3rd judge module；350, active module；

400, encryption equipment；500, KMS system.

Detailed description of the invention

By describing the technology contents of the present invention, structural feature in detail, being realized purpose and effect, below in conjunction with Embodiment also coordinates accompanying drawing to be explained in detail.

For solving problem present in background technology, the present invention uses a kind of new master key download scenarios, logical Cross POS terminal and randomly generate TK(Transmission Key, transmit key), the TK after producing preserves In the code keypad of POS terminal, and by TK by transmission means transmission required under various application scenarios To KMS system, (Key Management System, key management system, be used for managing terminal master key TMK) in.

As POS terminal application download terminal master key TMK, KMS system uses TK ciphering terminal master Cipher key T MK, and the terminal master key ciphertext after encryption is sent to POS terminal, POS terminal is used after receiving Master key ciphertext is decrypted by TK, obtains terminal master key TMK, and is preserved by terminal master key TMK In code keypad.

So, by TK ciphering terminal master key TMK, TMK is enable to carry out remote transmission, convenient The safety of TMK is downloaded.

In some scenarios, use operation terminal to gather the TK that POS terminal produces, and be responsible for by operation terminal TK is transferred to MTMS system (Material Tracking Management System, Tracing Material system System, mainly uses in plant produced), MTMS systematic unity manage TK, and TK is sent to phase The KMS system answered, described course of conveying by CA center (Certificate Authority, certificate authority, Public Key Infrastructure public key infrastructure technology, special offer network ID authentication clothes are provided Business, is responsible for signing and issuing and managing digital certificate, and has authoritative and third party's trust authority of fairness) mirror Do not operate terminal, MTMS system and the identity of KMS system.Use operation terminal to gather TK can facilitate The rights management that the acquisition operations (can realize a key collection etc.) of TK and TK gather；Use MTMS System can facilitate and is managed collectively TK, convenient after after-sales service time POS terminal data search with under Carry, can realize, by producing single bulk transfer TK, facilitating the transfer management of TK by MTMS system, anti- Only TK misinformates to wrong object；Introducing CA center is possible to prevent pseudo-terminal and pseudo-KMS system to steal TK.

The application scenarios of the present invention is that POS terminal produces TK, and operation terminal gathers TK and is transferred to by TK Third party's (MTMS system), third party (turn encryption) after processing and be sent to KMS system, KMS System receive POS terminal download request after with TK encryption TMK after be sent to POS terminal.

The present invention the most just overcome the technical scheme of the problems referred to above be described in detail.

Referring to Fig. 1, Fig. 1 is the device that a kind of safety in an embodiment of the present invention gathers transmission key Structured flowchart, including including operating terminal 100, MTMS system 200 and POS terminal 300.

Described MTMS system 200 includes that the first judge module 210, SN download control module 220, second Judge module 230, packetization module the 240, first sending module 250 and SN-TK packet preserve module 260.

Described POS terminal 300 includes that the first authentication module 310, TK generation module 320, first encrypt mould Block the 330, the 3rd judge module 340 and active module 350.

Described operation terminal 100 is for carrying at the input operator's password receiving MTMS system 200 transmission After showing, read the operator's card and the Actor password of input inserted, and operator's card information is sent extremely The legitimacy that MTMS system 200 is blocked with verification operation person.

Described first judge module 210 is for judging that operator's card information that MTMS system 200 receives is No legal, if so, notice SN downloads control module 220 and performs operation, if it is not, notice operation terminal 100 Perform operation.

Described SN downloads control module 220 and is used for sending complete machine serial number SN download instruction to POS terminal, And judge whether serial number SN downloads successfully, if so, notify that the second judge module performs judgement, if it is not, logical Know that operation terminal 100 performs operation.

Whether described second judge module 230 is used for judging that operator blocks and extracts, if so, notice operation terminal 100 perform operation, if it is not, control MTMS system 200 to download work certificate to POS terminal 300.

Described first authentication module 310 is for verifying that the work certificate of download is the most legal, the most then from work Deposition extracts PKI.

Described TK generation module 320 transmits cipher key T K for stochastic generation.

Described first encrypting module 330 is used for using PKI that transmission cipher key T K encryption is generated TK ciphertext, will TK ciphertext and serial number SN transmit to MTMS system 200.

Described packetization module 240 generates for the TK ciphertext received and serial number SN carry out packing SN-TK packet, and use operator to block SN-TK packet signature.

Described first sending module 250 is for generating into an account of somebody's meritorious service by the SN-TK of corresponding described SN-TK packet State information sends to POS terminal 300.

Described 3rd judge module 340 is used for judging whether POS terminal receives SN-TK and generate success status Information, the most then notice active module 350 performs operation, if it is not, notify that the first sending module 250 is held Row operation.

Described active module 350 is used for making POS terminal 300 be converted to use state to complete POS from producing state Terminal activates, and generates inspection Success Flag transmission eventually to MTMS system 200.

Described SN-TK packet preserves module 260 for, after receiving whole inspection Success Flag, preserving this POS The SN-TK packet of terminal.

Refer to a kind of safety that Fig. 2, Fig. 2 are corresponding said apparatus in an embodiment of the present invention and gather transmission The execution flow chart of the method for key, the method comprising the steps of:

S106, POS terminal stochastic generation transmission cipher key T K；

Refer to the device that Fig. 3, Fig. 3 are a kind of secure distribution transmission key in an embodiment of the present invention, Including MTMS system 200, encryption equipment 400 and KMS system 500.

Described MTMS system 200 includes that receiver module the 270, second authentication module the 280, the 3rd sends mould Block 290, deciphering module the 2100, second encrypting module 2110, signature blocks the 2120, the 4th sending module 2130 With TK distribution module 2140.

Described receiver module 270 is for obtaining the serial number SN of the POS terminal that need to carry out remote cipher key download Corresponding SN-TK packet.

Described second authentication module 280 is for verifying the legitimacy of SN-TK packet one by one.

Described 3rd sending module 290, for according to the customer information corresponding to SN-TK packet, obtains visitor Cipher key index number corresponding in the KMS system configuration table of family, and send to encryption equipment 400, obtain required key Information, required key includes the private key Pr for being decrypted SN-TK packet, for obtaining after deciphering The TK taken carries out the protection key PK of symmetric cryptography, for transmission cipher key T K after PK encrypts Carry out calculating the key MAK of MAC value.

Described deciphering module 2100 is right for obtaining from encryption equipment 400 according to Pr call number corresponding for SN-TK The Pr key information answered, is decrypted acquisition TK by Pr to SN-TK packet.

Described second encrypting module 2110 is for obtaining corresponding client according to customer information corresponding for SN-TK PK call number, obtains the PK key information of correspondence, by PK pair according to PK call number from encryption equipment 400 After other data in TK, SN and SN-TK packet are packed, encryption generates new SN-TK packet.

Described signature blocks 2120 is for obtaining corresponding client MAK according to customer information corresponding for SN-TK Call number, obtains the MAK key information of correspondence, passes through MAK according to MAK call number from encryption equipment 400 New SN-TK packet is signed.

Described 4th sending module 2130 is for being saved in server by the new SN-TK packet after signature.

Described TK distribution module 2140, will new after signature for when being transmitted the distribution of cipher key T K SN-TK packet sends to KMS system 500.

Described KMS system 500 is verified also for the new SN-TK after the signature received carries out MAK The mapping table of new SN-TK is set up after being verified.

Wherein, also include POS terminal, described KMS system also includes TMK encrypting module, TMK Sending module, described POS terminal includes that TMK downloads request module and TMK deciphering module.

Described TMK encrypting module is for using the TK terminal master key TMK to being stored in KMS system It is encrypted generation TMK ciphertext and preserves.

Described TMK downloads request module and downloads solicited message for sending TMK to KMS system, should Seek the SN comprising POS terminal in information.

Described TMK sending module for by the SN in solicited message by should the TK of SN encrypted TMK ciphertext send to POS terminal.

Described TMK deciphering module obtains TMK after being used for using TK to be decrypted TMK ciphertext.

Refer to a kind of secure distribution transmission that Fig. 4, Fig. 4 are corresponding said apparatus in an embodiment of the present invention The execution flow chart of the method for key, the method comprising the steps of:

S202, MTMS system verifies the legitimacy of SN-TK packet one by one；

New SN-TK packet after signature is saved in server by S207, MTMS system；

Wherein, further comprise the steps of: after step S209

S210, KMS system uses TK to add the terminal master key TMK being stored in KMS system Close generation TMK ciphertext also preserves；

S211, POS terminal send TMK to KMS system and download solicited message, comprise in this solicited message The SN of POS terminal；

S212, KMS system by the SN in solicited message by should the TMK encrypted for TK of SN Ciphertext sends to POS terminal；

S212, POS terminal use TK to obtain TMK after being decrypted TMK ciphertext.

The beneficial effects of the present invention is, every POS terminal is when producing, and transmission cipher key T K is all random Produce, it is ensured that the TK data that every POS terminal is collected possess uniqueness；At TK gatherer process In operator are carried out strict Authority Verification, the most as much as possible prevent other people from POS terminal being carried out Illegal operation, it is ensured that its safety；It addition, the TK data produced are being distributed to the KMS system of client Before all carry out legitimate verification, carry out simultaneously secondary turn encryption and signature, it is ensured that produce gathered TK data Accuracy.

The foregoing is only embodiments of the invention, not thereby limit the scope of the claims of the present invention, every profit The equivalent structure made by description of the invention and accompanying drawing content or equivalence flow process conversion, or directly or indirectly transport It is used in other relevant technical fields, is the most in like manner included in the scope of patent protection of the present invention.

Claims

1. the method that a safety gathers transmission key, it is characterised in that include step:

After S101, operation terminal receive input operator's password prompt that MTMS system sends, read and insert The operator's card entered and the Actor password of input, and operator's card information is sent to MTMS system to test The legitimacy of card operator's card；Described MTMS system is Tracing Material system；

S102, MTMS system judges that the operator's card information received is the most legal, if so, performs step

S103, if it is not, return step S101；

S103, MTMS system transmission complete machine serial number SN download instruction is to POS terminal, and judges sequence Whether row SN downloads successfully, if so, enters step S104, if it is not, return step S101；

S106, POS terminal stochastic generation transmission cipher key T K；

S107, POS terminal use PKI that transmission cipher key T K encryption is generated TK ciphertext, by TK ciphertext Transmit to MTMS system with serial number SN；

S110, POS terminal judge whether that receiving SN-TK generates success status information, the most then hold Row step S111, if it is not, then return step S109；

2. the method for secure distribution transmission key, it is characterised in that include step:

S201, MTMS system obtains serial number SN pair of the POS terminal that need to carry out remote cipher key download The SN-TK packet answered；Described MTMS system is Tracing Material system；

S202, MTMS system verifies the legitimacy of SN-TK packet one by one；

S203, MTMS system, according to the customer information corresponding to SN-TK packet, obtains client KMS

Cipher key index number corresponding in system configuration table, and send to encryption equipment, obtain required key information, Required

Key includes the private key Pr for being decrypted SN-TK packet, for acquisition after deciphering TK carries out the protection key PK of symmetric cryptography, for carrying out transmission cipher key T K after PK encrypts Calculate the key MAK of MAC value；

S204, MTMS system obtains corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment Key information, is decrypted acquisition TK by Pr to SN-TK packet；

S205, MTMS system obtains corresponding client PK index according to customer information corresponding for SN-TK Number, obtain corresponding PK key information according to PK call number from encryption equipment, by PK to TK, SN with And other data in SN-TK packet pack after encryption generate new SN-TK packet；

S206, MTMS system obtains corresponding client's MAK rope according to customer information corresponding for SN-TK Quotation marks, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK pair New SN-TK packet is signed；

New SN-TK packet after signature is saved in server by S207, MTMS system；

New SN-TK after the signature that S209, KMS system docking receives carries out MAK checking and in checking In KMS system, the mapping table of new SN-TK is set up after by.

The method of a kind of secure distribution the most according to claim 2 transmission key, it is characterised in that: Also include after step S209:

S210, KMS system uses TK to carry out the terminal master key TMK being stored in KMS system Encryption generates TMK ciphertext and preserves；

S211, POS terminal send TMK to KMS system and download solicited message, wrap in this solicited message SN containing POS terminal；

S212, KMS system by the SN in solicited message by should the TMK encrypted for TK of SN Ciphertext sends to POS terminal；S212, POS terminal use TK to obtain after being decrypted TMK ciphertext Take TMK.

4. a safety gathers the device transmitting key, it is characterised in that include operating terminal, MTMS system System and POS terminal, described MTMS system include the first judge module, SN download control module, the Two judge modules, packetization module, the first sending module and SN-TK packet preserve module, and described POS is eventually End includes the first authentication module, TK generation module, the first encrypting module, the 3rd judge module and active module； Described MTMS system is Tracing Material system；

Described operation terminal is used for after receiving input operator's password prompt that MTMS system sends, Read the operator's card and the Actor password of input inserted, and operator's card information is sent to MTMS system System is with the legitimacy of verification operation person's card；

Described first judge module is for judging whether operator's card information that MTMS system receives closes Method,

If so, notice SN downloads control module and performs operation, if it is not, notice operation terminal performs operation；

Described SN downloads control module and is used for sending complete machine serial number SN download instruction to POS terminal, and Judge whether serial number SN downloads successfully, if so, notify that the second judge module performs judgement, if it is not, logical Know that operation terminal performs operation；

Described SN-TK packet preserves module for, after receiving whole inspection Success Flag, preserving this POS eventually The SN-TK packet of end.

5. the device of a secure distribution transmission key, it is characterised in that include MTMS system, encryption Machine and KMS system, described MTMS system includes receiver module, the second authentication module, the 3rd transmission mould Block, deciphering module, the second encrypting module, signature blocks, the 4th sending module and TK distribution module；Institute Stating MTMS system is Tracing Material system；

Described receiver module is for obtaining serial number SN pair of the POS terminal that need to carry out remote cipher key download The SN-TK packet answered；

Described 3rd sending module, for according to the customer information corresponding to SN-TK packet, obtains client Cipher key index number corresponding in KMS system configuration table, and send to encryption equipment, obtain required key information,

Required key includes the private key Pr for being decrypted SN-TK packet, for obtaining after deciphering TK carry out symmetric cryptography protection key PK, for through PK encrypt after transmission cipher key T K enter Row calculates the key MAK of MAC value；

Described deciphering module is for obtaining corresponding Pr according to Pr call number corresponding for SN-TK from encryption equipment Key information, is decrypted acquisition TK by Pr to SN-TK packet；

Described second encrypting module is for obtaining corresponding client PK according to customer information corresponding for SN-TK Call number, obtains corresponding PK key information according to PK call number from encryption equipment, by PK to TK, After other data in SN and SN-TK packet are packed, encryption generates new SN-TK packet；

Described signature blocks is for obtaining corresponding client's MAK rope according to customer information corresponding for SN-TK Quotation marks, obtain corresponding MAK key information according to MAK call number from encryption equipment, by MAK pair New SN-TK packet is signed；

Described TK distribution module, will new after signature for when being transmitted the distribution of cipher key T K SN-TK packet sends to KMS system；

Described KMS system for the new SN-TK after the signature received carried out MAK checking and The mapping table of new SN-TK is set up after being verified.

The device of a kind of secure distribution the most according to claim 5 transmission key, it is characterised in that: also Including POS terminal, described KMS system also includes TMK encrypting module, TMK sending module, Described POS terminal includes that TMK downloads request module and TMK deciphering module；

Described TMK encrypting module is for using the TK terminal master key to being stored in KMS system TMK is encrypted generation TMK ciphertext and preserves；

Described TMK downloads request module and downloads solicited message for sending TMK to KMS system, should Solicited message comprises the SN of POS terminal；

Described TMK sending module for by the SN in solicited message by should SN TK encrypt The TMK ciphertext crossed sends to POS terminal；